Setting Global Password Control Parameters - HPE FlexFabric 7900 Series Security Configuration Manual
Hide thumbs
Also See for FlexFabric 7900 Series:
- Layer 3 ip routing command reference (414 pages) ,
- Security configuration manual (323 pages) ,
- Security command reference (320 pages)
Table of Contents
Advertisement
Step
3.
(Optional.) Enable a specific
password control feature.
Setting global password control parameters
The password expiration time, minimum password length, and password composition policy can be
configured in system view, user group view, or local user view. The password settings with a smaller
application scope have higher priority. Global settings in system view apply to the passwords of the
local users in all user groups if you do not configure password policies for these users in both local
user view and user group view.
The password-control login-attempt command takes effect immediately and can affect the users
already in the password control blacklist. Other password control configurations do not take effect on
users that have been logged in or passwords that have been configured.
To set global password control parameters:
Step
1.
Enter system view.
2.
Set the password expiration
time.
3.
Set the minimum password
update interval.
4.
Set the minimum password
length.
5.
Configure the password
composition policy.
6.
Configure the password
complexity checking policy.
7.
Set the maximum number of
history password records for
each user.
8.
Configure the login attempt
limit.
Command
password-control { aging |
composition | history | length }
enable
Command
system-view
password-control aging
aging-time
password-control
update-interval interval
password-control length length
password-control composition
type-number type-number
[ type-length type-length ]
password-control complexity
{ same-character | user-name }
check
password-control history
max-record-num
password-control login-attempt
login-times [ exceed { lock |
lock-time time | unlock } ]
50
Remarks
•
In FIPS mode, the global
password control feature is
enabled and cannot be
disabled by default.
By default, all four password
control features are enabled.
Remarks
N/A
The default setting is 90 days.
The default setting is 24 hours.
•
In non-FIPS mode, the default
setting is 10 characters.
•
In FIPS mode, the default
length is 15 characters.
•
In non-FIPS mode, a default
password must contain at
least one character type and
at least one character for each
type.
•
In FIPS mode, a default
password must contain at
least four character types and
at least one character for each
type.
By default, the system does not
perform password complexity
checking.
The default setting is 4.
By default, the maximum number
of login attempts is 3 and a user
failing to log in after the specified
number of attempts must wait for
1 minute before trying again.
Advertisement
Table of Contents
Troubleshooting
